class Mongo::Auth::LDAP::Conversation

Defines behavior around a single PLAIN conversation between the client and server.

@since 2.0.0

Constants

LOGIN

The login message.

@since 2.0.0

Attributes

reply[R]

@return [ Protocol::Message ] reply The current reply in the

conversation.
user[R]

@return [ User ] user The user for the conversation.

Public Class Methods

new(user) click to toggle source

Create the new conversation.

@example Create the new conversation.

Conversation.new(user, "admin")

@param [ Auth::User ] user The user to converse about.

@since 2.0.0

# File lib/mongo/auth/ldap/conversation.rb, line 86
def initialize(user)
  @user = user
end

Public Instance Methods

finalize(reply, connection) click to toggle source

Finalize the PLAIN conversation. This is meant to be iterated until the provided reply indicates the conversation is finished.

@param [ Protocol::Message ] reply The reply of the previous

message.

@param [ Server::Connection ] connection The connection being

authenticated.

@return [ Protocol::Query ] The next message to send.

@since 2.0.0

# File lib/mongo/auth/ldap/conversation.rb, line 48
def finalize(reply, connection)
  validate!(reply, connection.server)
end
start(connection) click to toggle source

Start the PLAIN conversation. This returns the first message that needs to be sent to the server.

@param [ Server::Connection ] connection The connection being

authenticated.

@return [ Protocol::Query ] The first PLAIN conversation message.

@since 2.0.0

# File lib/mongo/auth/ldap/conversation.rb, line 61
def start(connection)
  if connection && connection.features.op_msg_enabled?
    selector = LOGIN.merge(payload: payload, mechanism: LDAP::MECHANISM)
    selector[Protocol::Msg::DATABASE_IDENTIFIER] = Auth::EXTERNAL
    cluster_time = connection.mongos? && connection.cluster_time
    selector[Operation::CLUSTER_TIME] = cluster_time if cluster_time
    Protocol::Msg.new([], {}, selector)
  else
    Protocol::Query.new(
      Auth::EXTERNAL,
      Database::COMMAND,
      LOGIN.merge(payload: payload, mechanism: LDAP::MECHANISM),
      limit: -1
    )
  end
end

Private Instance Methods

payload() click to toggle source
# File lib/mongo/auth/ldap/conversation.rb, line 92
def payload
  BSON::Binary.new("\x00#{user.name}\x00#{user.password}")
end
validate!(reply, server) click to toggle source
# File lib/mongo/auth/ldap/conversation.rb, line 96
def validate!(reply, server)
  if reply.documents[0][Operation::Result::OK] != 1
    raise Unauthorized.new(user, used_mechanism: MECHANISM, server: server)
  end
  @reply = reply
end